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ABSTRACT 



A semiconductor device used to store encryption/decryption 
keys at manufacture in combination with digital certificates 
to ensure secured communications between the semiconduc- 
tor device and another device. The semiconductor device 
comprising (i) a non-volatile memory capable of storing the 
encryption/decryption keys and at least one digital 
certificate, (ii) an internal memory capable of temporarily 
storing information input into the semiconductor device 
from the other device and possibly encryption and decryp- 
tion algorithms, (iii) a processor for processing the infor- 
mation and (iv) a random number generator for generating 
the encryption/decryption keys completely internal to the 
semiconductor device. 

29 Claims, 8 Drawing Sheets 
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APPARATUS AND METHOD FOR and convenient way of transmitting the symmetric key from 

PROVIDING SECURED COMMUNICATIONS the legitimate sender 2 to the legitimate receiver 3. 

Another method of encryption/decryption is to use two 

This application is a continuation of application Ser. No. separate keys (referred to as a "key pair") in which a first key 

08/251,486, filed May 31, 1994, now U.S. Pat. No. 5,539, 5 ("a public key") 10 of the key pair is used for encryption of 

828. a message 12 from a legitimate sender 13 while a second key 

("a private key") 11 of the key pair is used by the legitimate 

CROSS-REFERENCES TO RELATED receiver 14 for decryption of the message 12 as shown in 

APPLICATIONS FIG. 2. This method is commonly referred to as "asymmet- 

10 ric" (or public) key cryptography. One advantage of asym- 

The named inventor of the present application has filed a metric key cryptography is that it alleviates the burdensome 

number of copending U.S. patent applications of which the key management problem associated with symmetric key 

following have matured into U.S. patents: "Roving Software cryptography. Continuing the above example, the number of 

License For A Hardware Agent" (U.S. Pat. No. 5,473,692), key pairs required for asymmetric key cryptography is equal 

and "A Method For Providing A Roving Software License in 15 to 1000, the total number of legitimate entities. However, in 

A Hardware Agent-Based System" (U.S. Pat. No. 5,568, such communications system, it is known that an illegiti- 

552). These patents are owned by the same assignee of the mate entity (e.g., commercial spy) may attempt to imper- 

present application. sonate a legitimate entity (e.g., employee, joint-venturer, 

etc.) by sending fraudulent messages to another legitimate 

BACKGROUND OF THE INVENTION ^ entity for the purpose of disrupting work flow or obtaining 

1 Field of the Invention confidential information. Thus, additional protocols are usu- 
ally used in the asymmetric key system to ensure message 

The present invention relates to an apparatus and method and sender aumen ti ca tion. 

for data security. More particularity, the present invention Authentication of the sender (i.e., verifying that the 

relates to a semiconductor device storing encryption/ sen der of a public key is, in fact, the true owner of the public 

decryption keys at manufacture and/or subsequent to manu- fc } fe a bkm when comn3unications are initM esUb . 

facture to ensure secured communications between a system ^ between iousl unknown ties . ^ y blem is 

incorporating a cryptographic semiconductor device and a commonl avoided b incorporating \ digital cer t ificale 15 

device in remote communications with the system. within ^ lransmitted message u * sho * n in RG 3 ^ 

2. Art Related to the Invention 3Q digital certificate 15 is issued by a mutually trusted authority 

In today's society, it is becoming more and more desirable 16 (e.g., a bank, governmental entity, trade association, etc.) 

to transmit digital information from one location to another so that fraudulent attempts to use another's public key 10 

in a manner which is clear and unambiguous to a legitimate will simply result in unreadable messages. Such mutually 

receiver, but incomprehensible to any illegitimate recipients. trusted authority 16 depends on the parties involved. For 

Accordingly, such information is typically encrypted by a 35 example, two individuals employed by the same business 

software application executing some predetermined encryp- could both trust the certificates issued by a corporate secu- 

tion algorithm and is transmitted to the legitimate receiver in rity office of the business. Employees of two independent 

encrypted form. The legitimate receiver then decrypts the business entities, however, would require not only the cer- 

transmitted information for use. This encryption/decryption tificates from the respective security offices, but also the 

transmission process is commonly used in governmental 40 certificates from, for example, some industry trade organi- 

applications as well as for commercial applications where zation that certifies such business entities. Tliis digital cer- 

sensitive information is being transmitted. tificate 16 methodology "binds" a public key 10 to an entity 

Often, encryption/decryption of information is accom- ( e -g > employee), 

plished through symmetric key cryptography as shown in In the past few years, there have been many approaches 

FIG. 1. In symmetric key cryptography, an identical key 1 45 toward protecting "key" information from being obtained by 

(i.e., a data string commonly referred to as a "symmetric unauthorized persons. One such approach is employing 

key") is used by both a legitimate sender 2 and a legitimate mechanical security mechanisms, particular for portable 

receiver 3 to encrypt and decrypt a message 4 (i.e., computers which can be more easily appropriated. For 

information) being transmitted between the sender 2 and example, certain companies have introduced a "secure" 

receiver 3. Such encryption and decryption is performed 50 laptop using a tamper-detection mechanism to erase the key 

through well-known conventional algorithms such as material if the laptop's casing is opened without authoriza- 

Riverst, Shamir, and Adleman (RSA) and/or Data Encryp- tion. However, there are several disadvantages associated 

tion Standard (DES), and transmitted in encrypted form with mechanical security devices. 

through a public domain 5 such as a conventional network, A primary disadvantage associated with mechanical secu- 

telephone lines, etc. 55 rity mechanisms is that they may be circumvented through 

Although symmetric key cryptography is computationally reverse engineering. Another disadvantage is that mechani- 

simple, it requires complex key management. Basically, cal security mechanisms are costly to design and fabricate, 

each sender needs a different symmetric key to communicate Another disadvantage is that they are subject to accidental 

with each legitimate receiver, thereby making it difficult, if erasure of key information. 

not impossible, to be used by businesses having a large 60 As a result, a number of companies are simply relying on 

number of employees. For example, in a business of 1000 the software application to utilize encryption/decryption 

legitimate entities (e.g., employees), a maximum of 499,500 protocols. However, as technology rapidly evolves, these 

(1000x999/2) keys would need to be managed, provided that encryption/decryption software applications place unneces- 

each legitimate entity is capable of communicating with any sary limitations on transmission speeds of a communication 

another legitimate entity within the business. In addition, 65 system since the speed of encrypting or decrypting infor- 

symmetric key cryptography is difficult to implement in a mation is correlated to the execution speed of the instruc- 

network or global environment because there is no secure tions. 
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This approach for employing specific hardware into the from a trusted third party or a collection of both certificates, 
customer's system to protect such keys from disclosure is In the following description, numerous details are set forth 
also used in the rapidly growing area of "content such as certain components of the hardware agent in order 
distribution", namely the electronic distribution of informa- to provide a thorough understanding of the present inven- 
tion. Some known content distribution systems include (i) 5 tion. It will be obvious, however, to one skilled in the art that 
selling software via modem or other electronic means and these details are not required to practice the present inven- 
(ii) selling portions of information distributed by compact tion - In other instances, well-known circuits, elements and 
disc ("CD"), etc. Such electronic sales often depend on the lhe ^ e a f e n01 ^ [ onh in deua in order 10 avoid unnec - 
use of decryption keys to "decode" the specific data essanl y obscu ™g the P rese nt invention, 
involved. For example, a customer may have free access to 10 Referring to FIG. 4, an embodiment of a computer system 
a CD containing many files of encrypted data, but to actually 20 utilizing the present invention is illustrated. The corn- 
purchase a specific file, he buys the corresponding "decryp- P uler s y slem 20 comprises a system bus 21 enabling infor- 
tion key" for that file. However, a primary problem with mation 10 te communicated between a plurality of bus 
using specific hardware to protect the keys is that such a S ents including at least one host processor 22 and a 
hardware requires complete management and control by the 15 hardware a g eat 23 - The host processor 22, preferably but not 
information supplier to prevent any potential unauthorized exclusively an Intel® Architecture Processor, is coupled to 

the system bus 21 through a processor bus interface 24. 
Although only the host processor 22 is illustrated in this 

BRIEF SUMMARY OF THE INVENTION embodiment, it is contemplated that multiple processors 

20 could be employed within the computer system 20. 

Based on the foregoing, it would be desirable to develop ^ further shown in HG ^ the syslem bus 2 i provides 

a semiconductor device comprising a processing unit for access tQ a memory subsystem 25 and an input/output 

performing operations for identification purposes, a memory ("t/q") subsystem 26. The memory subsystem 25 includes a 

unit having at least non-volatile memory for storage of a mC mory controller 27 coupled to the system bus 21 to 

unique public/private key pair and at least one digital ^ providc an interface for controlling access to at least one 

certificate venfying the authenticity of the key pair, memory mem0 ry device 28 such as dynamic random access memory 

for storage of cryptographic algorithms and volatile random ("DRAM"), read only memory ("ROM"), video random 

access memory for storage of temporary data. The hardware access mem0 ry ("VRAM") and the like. The memory device 

agent further includes an interface in order to receive infer- 2 8 stores information and instructions for the host processor 

mation (encrypted or decrypted) from and/or transmit infer- 3Q 22. 

mation to other device(s). The I/Q su5system 2 6 includes an I/O controller 29 being 

BRIEF DESCRIPTION OF THE DRAWINGS ™*™ 10 * e ^ te « bus 21 and a conventional I/O bus 3* 

The I/O controller 29 is an interface between the I/O bus 30 

The objects, features and advantages of the present inven- and the system bus 21 which provides a communication path 

tion will become apparent from the following detailed 35 (i.e., gateway) to allow devices on the system bus 21 or the 

description of the present invention in which: I/O bus 30 to exchange information. The I/O bus 30 com- 

FIG. 1 is a block diagram illustrating a conventional municates information between at least one peripheral 

symmetric key encryption and decryption process. device in the computer system 20 including, but not limited 

„ TO „ . , -,, 4 4 - 1 to a display device 31 (e.g., cathode ray tube, liquid crystal 

FIG. 2 is a block diagram illustrating a conventional . r / w , . . , u . . 

. . . 1 j & 4D display, etc.) for displaying images; an alphanumeric input 

asymmetric Key encrypt.on ana aecrypt.on process. ^ - 32 - 

an alphanumeric keyboard, etc.) for com- 

FIG. 3 is a block diagram illustrating a digital certification mun icating information and command selections to the host 

process from a trusted authority. processor 22; a cursor control device 33 (e.g., a mouse, 

FIG. 4 is a block diagram of a computer system incor- trackball, etc.) for controlling cursor movement; a mass data 

porating an embodiment of the present invention. 45 storage device 34 (e.g., magnetic tapes, hard disk drive, 

FIG. 5 is a block diagram of an embodiment of the present floppy disk drive, etc.) for storing information and instruc- 

invention. tions; an information transceiver device 35 (fax machine, 

FIG. 6 is a flowchart illustrating the method for imple- modem, scanner etc.) for transmitting information from the 

menting a key pair and digital certificate into a crypto- computer system 20 to another device and for receiving 

graphic semiconductor device. 50 information from another device; and a hard copy device 36 

™^ - * a ^ 11 L c .l (e.g., plotter, printer, etc.) for providing a tangible, visual 

FIG. 7 is a flowchart illustrating the operations of the . *»u • * 1. ■ ♦ , , , u <( , 

hardware a ent representation of the information. It is contemplated that the 

ar ware agent. computer system shown in FIG. 4 may employ some or all 

FIG. 8 is a flowchart illustrating remote verification of the of these components or different components than those 

hardware agent using second level certification. 55 illustrated. 

nCTA Ti nrN nrcpnmTiAM nt? tt.it? Referring now to an embodiment of the present invention 

INVENTION as s " own lD *" e na ™ ware agent 23 is coupled to the 

system bus 21 to establish a communication path with the 

The present invention relates to a a cryptographic semi- host processor 22. The hardware agent 23 comprises a single 

conductor device of many possible embodiments (referred to 60 integrated circuit in the form of a die 40 (e.g., a 

as a "hardware agent") and its associated method of opera- microcontroller) encapsulated within a semiconductor 

tion directed toward securely storing and using a public/ device package 41, preferably hermetically, to protect the 

private key pair and at least one digital certificate within the die 40 from damage and harmful contaminants. The die 40 

hardware agent itself. This digital certificate may include a comprises a processing unit 42 coupled to a memory unit 43, 

"device certificate 11 being a digital certificate provided by a 65 a bus interface 44 and a number generator 45. The bus 

manufacturer of the device signifying the legitimacy of the interface 44 enables communication from the hardware 

device, a "second level certificate" being a digital certificate agent 23 to another device (e.g., the host processor 22). The 
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processing unit 42 performs computations internally within general terms, encrypting the public key with the manufac- 
a secured environment within the die 40 to confirm a valid Hirer's private key). This certificate is input to the hardware 
connection with an authorized receiver. Such computations agent (Step 150) and the hardware agent permanently pro- 
include executing certain algorithms and protocols, activat- grams the unique public/private key pair and the device 
ing circuitry (e.g., the number generator 45 being preferably 5 certificate into its non-volatile memory (Step 155). At this 
random in nature) for generating a device-specific public/ point, the device is physically unique and is now capable of 
private key pair and the like. The processing unit 42 is proving its authenticity. 

placed within the die 40 to prevent access of -the private key Referring to FIG. 7, a flowchart of remote verification of 

through virus attack, which is a common method of disrupt- a hardware agent is illustrated. In Step 200, a communica- 

ing a computer system to obtain its private key. 1Q ii on link is established between a system incorporating the 

The memory unit 43 includes a non-volatile memory hardware agent ("local system") and a remote system (e.g., 

element 46 which stores the public/private key pair and at a system incorporating another hardware agent or running 

least one digital certificate therein. This non -volatile software which communicates with the hardware agent), 

memory 46 is used primarily because it retains its contents The hardware agent outputs its unique device certificate to 

when supply power is discontinued. The memory unit 43 15 the remote system (Step 205). Since the manufacturer's 

further includes random access memory ("RAM") 47 in public key will be published and widely available, the 

order to store certain results from the processing unit 42 and remote system decrypts the device certificate to obtain the 

appropriate algorithms. public key of the hardware agent (Step 210), 

Although the hardware agent 23 is implemented as a Thereafter, in Step 215, the remote system generates a 

peripheral device on the system bus 21 for greater security, 2 o random challenge (i.e., a data sequence for testing purposes) 

it is contemplated that the hardware agent 23 could be and transmits the random challenge to the local system (Step 

implemented in several other ways at the PC platform level 220). In step 225, the hardware agent generates a response 

such as, for example, as a disk controller or PCMCIA card (i.e., encrypts the challenge with the private key of the 

to automatically decrypt and/or encrypt information being hardware agent) and transmits the response to the remote 

inputted and outputted from a hard disk. Another alternative 2 s system (Step 230). Then, the remote system decrypts the 

implementation would be for the hardware agent 23 to be response with the public key of the hardware agent as 

one component of a multi-chip module including the host previously determined from the device certificate transmit- 

processor 22 as discussed below. Furthermore, even though ted by the hardware agent (Step 235). In Step 240, the 

the hardware agent 23 is described in connection with PC remote system compares the original challenge to the 

platforms, it is contemplated that such hardware agent 23 30 decrypted response and if identical, communications 

could be implemented within any input/output ("I/O") between the system and the remote system are secure and 

peripheral device such as within a fax machine, printer and maintained (Step 245). Otherwise, the communications are 

the like or on a communication path between a computer and terminated (step 250). At this point, the remote system is 

the I/O peripheral device. ensured that it is in direct contact with a specific device (of 

Referring to FIG. 6, a flowchart of the operations for 35 known characteristics) manufactured by a specific manufac- 
manufacturing the present invention is illustrated. First, in turer. The remote system can now direct the hardware agent 
Step 100, the die of the hardware agent is manufactured to perform specific functions within the target system on the 
according to any conventional well-known semiconductor remote's behalf. The integrity of these functions and secrecy 
manufacturing technique. Next, the die is encapsulated of the associated data are ensured. Such functions may 
within a semiconductor package so as to form the hardware 40 include receipt and use of content distribution keys, main- 
agent itself (Step 105). The hardware agent is placed onto a tenance of accounting information, etc. 
certification system which establishes an electrical connec- With the emergence of content distribution along, with 
tion to the hardware agent and the certification system (Step other information providing devices, it may become neces- 
110). The certification system is basically a carrier coupled sary to provide additional assurances that the hardware agent 
to a printed circuit board for generating and receiving 45 is not a forgery. This can be accomplished by sending the 
electrical signals for certification of the hardware agent. The hardware agent to a reputable third party entity such as 
certification system includes a device for storage of prior another trusted authority e.g., governmental agency, bank, 
generated public keys (e.g., a database) to guarantee unique trade association and the like. In a manner identical to that 
key generation. Thereafter, the certification system supplies described above, a unique third party digital certificate of the 
power to the hardware agent initiating a configuration 50 third party entity (the "second level certificate") is input to 
sequence. During this sequence, the random number gen- the hardware agent. Thereafter, the hardware agent perma- 
erator generates a device-specific public/private key pair nently programs the second level certificate accompanied by 
internally within the hardware agent (Step 115). the public/private key pair and possibly the device certificate 

The public key of the public/private key pair is output to into its non-volatile memory. As a result, the hardware agent 

the certification system (Step 120) where it is compared to 55 is validated through both the device certificate and the 

the storage device of the prior generated public keys from second level certificate to guarantee validity of the hardware 

previously manufactured hardware agents (Step 125). In the agent and prevent fraudulent manufacture of the hardware 

highly unlikely event that the public key is identical to a agent, barring unlikely collusion by the third party entity and 

prior generated public key (Step 130), the hardware agent is the manufacturer of the hardware agent, 

signaled by the certification system to generate another such 60 Referring to FIG. 8, a flowchart of remote verification of 

public/private key pair (Step 135) and continue process at a hardware agent including authentication using a second 

Step 120. This process ensures that each public/private key level certificate is illustrated. In Step 300, a communication 

pair is unique. The storage device for prior generated public link is established between the local system and the remote 

keys is updated with this new, unique public key (Step 140). system. The hardware agent outputs its unique device cer- 

Thereafter, in Step 145, the certification system creates a 65 tificate and the second level certificate to the remote system 

unique device certificate by "digitally signing" the public (Step 305). Next, the remote system decrypts the device 

key with the manufacturer's secret private key (i.e. in certificate using the manufacturer's published public key to 
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obtain the public key of the hardware agent (Step 310). 
Similarly, the remote system decrypts the second level 
certificate using a we 11 -published public key of the third 
party to obtain the public key of the hardware agent stored 
therein (Step 315). 5 

Thereafter, the two versions of the public key of the 
hardware agent are compared (step 320) and if the two 
versions are not identical, communication is terminated 
(Step 325). However, if the two versions are identical, the 
remote system generates a random challenge and transmits 1Q 
the random challenge to the hardware agent (Step 330). The 
hardware agent generates a response i.e., the challenge 
encrypted with the private key of the hardware agent (Step 
335) and transmits the response to the remote system (Step 
340). The remote system then decrypts the response with the 
public key of the hardware agent previously transmitted by 
the hardware agent (Step 345). As in Step 350, the remote 
system compares the original challenge to the decrypted 
response and if identical, communications between the sys- 
tem and the remote system are secure and maintained (Step 
355). Otherwise, the communications are terminated (step 
360). 

The present invention described herein may be designed 
in many different methods and using many different con- 
figurations. While the present invention has been described 25 
in terms of various embodiments, other embodiments may 
come to mind to those skilled in the art without departing 
from the spirit and scope of the present invention. The 
invention should, therefore, be measured in terms of the 
claims which follows. 30 

What is claimed is: 

1. A semiconductor device comprising: 

processing means for processing information within said 
semiconductor device; 

first storage means for storing a uniquely designated key 35 
pair and at least one digital certificate, said first storage 
means being coupled to said processing means; 

second storage means for storing at least said information 
processed by said processing means, said second stor- 
age means being coupled to said processing means; and 40 

generating means for generating values used to produce at 
least one key internally within the semiconductor 
device, said generating means being coupled to said 
processing means. 

2. The semiconductor device according to claim 1, 45 
wherein said first storage means includes non-volatile 
memory for maintaining said uniquely designated key pair 
and said at least one digital certificate even during a non- 
powered state. 

3. The semiconductor device according to claim 2, 50 
wherein said at least one digital certificate includes a device 
certificate. 

4. The semiconductor device according to claim 3, 
wherein said at least one digital certificate further includes 

a second level certificate. 55 

5. The semiconductor device according to claim 2, 
wherein said second storage means includes random access 
memory for temporarily storing said information. 

6. The semiconductor device according to claim 1, 
wherein said generating means includes a random number 60 
generator. 

7. The semiconductor device according to claim 1 
wherein said further comprising interface means for provid- 
ing a mechanism to couple the semiconductor device to a 
communication link. 65 

8. The semiconductor device of claim 1, wherein the at 
least one key includes the key pair. 



9. A system comprising: 

memory means for storing program instructions; 
host processing means for executing said program instruc- 
tions; 

bus means for coupling said host processing means and 
said memory means; and 

semiconductor means, coupled to said bus means, for 
internally decrypting input information and encrypting 
output information, said semiconductor means includ- 
ing: 

processing means for processing said input and output 
information within said semiconductor means, 

first storage means for storing a uniquely designated 
key pair and at least one digital certificate used for 
decrypting said input information and encrypting 
said output information, said first storage means 
being coupled to said processing means, 

second storage means for temporarily storing at least 
said input and output information, and 

generating means for generating values used to produce 
at least one key internally within the semiconductor 
means. 

10. The system according to claim 9, wherein said first 
storage means includes non-volatile memory for storing said 
uniquely designated key pair and said at least one digital 
certificate during a non-powered state. 

11. The system according to claim 10, wherein said at 
least one digital certificate includes a device certificate. 

12. The system according to claim 11, wherein said at 
least one digital certificate further includes a second level 
certificate. 

13. The system according to claim 10, wherein said 
second storage means includes random access memory for 
temporarily storing said information and at least one encryp- 
tion and decryption algorithm. 

14. The system according to claim 9, wherein said gen- 
erating means includes a random number generator. 

15. The system of claim 9, wherein the at least one key 
includes the key pair. 

16. A semiconductor device for performing cryptographic 
operations, said semiconductor device comprising: 

a first memory element for containing at least a designated 
key pair and at least one digital certificate; 

a second memory element for containing information; 

a processing unit coupled to said first and second memory 
elements, said processing unit for processing said infor- 
mation; and 

a random number generator coupled to said processing 
unit, said random number generator for generating 
values which are used to generate at least one key 
internally within the semiconductor device. 

17. The semiconductor device according to claim 16, 
wherein said first memory element is non-volatile memory. 

18. The semiconductor device according to claim 17, 
wherein said second memory element is volatile memory. 

19. The system according to claim 17, wherein said 
designated key pair is unique. 

20. The semiconductor device according to claim 16, 
wherein said first memory element contains a device cer- 
tificate and a second level certificate. 

21. The semiconductor device of claim 16, wherein the at 
least one key includes the key pair. 

22. A system comprising: 
a bus; 

a memory element containing program instructions and 
data; 
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a host processor coupled to said bus, said host processor 

executes said program instructions; 
a semiconductor device coupled to said bus, said semi- 
conductor device internally encrypting output informa- 
tion to be sent to a remote system remotely located 5 
from the system, said semiconductor device including 
a first memory element which contains a designated 

key pair and at least one digital certificate, 
a second memory element which contains information, 
a processing unit coupled to said first and second 10 
memory elements, said processing unit processing at 
least said information, and 
a random number generator coupled to aid processing 
unit, said random number generator generating val- 
ues which are used to generate at least one key 15 
internally within said semiconductor device. 
23. The system according to claim 22, wherein said first 
memory element of said semiconductor device includes 
non-volatile memory. 



24. The system according to claim 23, wherein said 
second memory element of said semiconductor device 
includes non-volatile memory. 

25. The system according to claim 22, wherein said 
semiconductor device and said host processor are encapsu- 
lated within as a multi-chip package. 

26. The system according to claim 22 further comprising 
an information transceiver device coupled to at least said 
semiconductor device. 

27. The system according to claim 26, wherein said 
information transceiver device is one of a group consisting 
of a modem or a fax machine. 

28. The system according to claim 26, wherein said 
information transceiver device is also coupled to one of a 
group consisting of a network or a telephone line, said 
information transceiver device enables information to be 
exchanged with the remote system. 

29. fte system of claim 22, wherein the at least one key 
includes the key pair. 

* * * * * 
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